GHSA-R9X7-2XMR-V8FW

Vulnerability from github – Published: 2022-09-16 17:45 – Updated: 2024-09-30 17:04
VLAI?
Summary
mangadex-downloader vulnerable to unauthorized file reading
Details

Impact

When using file:<location> command and <location> is web URL location (http, https). mangadex-downloader will try to open and read a file in local disk if the content from online file is exist-as-a-file in victim computer

So far, the app only read the files and not execute it. But still, when someone reading your files without you knowing, it's very scary.

Proof of Concept (PoC)

https://www.mansuf.link/unauthorized-file-read-in-mangadex-downloader-cve-2022-36082/

Workarounds

Unfortunately, there is no workarounds to make it safe from this issue. But i suggest you double check the url before proceed to download or update to latest version ( >= 1.7.2)

Patches

Fixed in version 1.7.2. Commit patch: https://github.com/mansuf/mangadex-downloader/commit/439cc2825198ebc12b3310c95c39a8c7710c9b42

Severity ?
5.3 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
6.9 (Medium)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Show details on source website
To clipboard 

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "mangadex-downloader"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.3.0"
            },
            {
              "fixed": "1.7.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-36082"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-09-16T17:45:28Z",
    "nvd_published_at": "2022-09-07T22:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nWhen using `file:\u003clocation\u003e` command and `\u003clocation\u003e` is web URL location (http, https). mangadex-downloader will try to open and read a file in local disk if the content from online file is exist-as-a-file in victim computer\n\nSo far, the app only read the files and not execute it. But still, when someone reading your files without you knowing, it\u0027s very scary.\n\n### Proof of Concept (PoC)\n\nhttps://www.mansuf.link/unauthorized-file-read-in-mangadex-downloader-cve-2022-36082/\n\n### Workarounds\n\nUnfortunately, there is no workarounds to make it safe from this issue. But i suggest you double check the url before proceed to download or update to latest version ( \u003e= 1.7.2)\n\n### Patches\n\nFixed in version 1.7.2.\nCommit patch: https://github.com/mansuf/mangadex-downloader/commit/439cc2825198ebc12b3310c95c39a8c7710c9b42",
  "id": "GHSA-r9x7-2xmr-v8fw",
  "modified": "2024-09-30T17:04:09Z",
  "published": "2022-09-16T17:45:28Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/mansuf/mangadex-downloader/security/advisories/GHSA-r9x7-2xmr-v8fw"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36082"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mansuf/mangadex-downloader/commit/439cc2825198ebc12b3310c95c39a8c7710c9b42"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mansuf/mangadex-downloader"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/mangadex-downloader/PYSEC-2022-264.yaml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "mangadex-downloader vulnerable to unauthorized file reading"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.